Merge branch 'api_for_user_creation' of dev.gitlabhq.com:gitlabhq

Dmitriy Zaporozhets
2 parents 0187ae4e bda0a755
Showing 4 changed files with 72 additions and 0 deletions Show diff stats
doc/api/users.md
lib/api/helpers.rb
lib/api/users.rb
spec/requests/api/users_spec.rb
@@ -65,6 +65,27 @@ Parameters:
 }
 ```
+## User creation
+Create user. Available only for admin
+
+```
+POST /users
+```
+
+Parameters:
++ `email` (required)                  - Email
++ `name` (required)                   - Name
++ `password` (required)               - Password
++ `password_confirmation` (required)  - Password confirmation
++ `skype`                             - Skype ID
++ `linkedin` (required)               - Linkedin
++ `twitter`                           - Twitter account
++ `projects_limit`                   - Limit projects wich user can create
+
+
+Will return created user with status `201 Created` on success, or `404 Not
+found` on fail.
+
 ## Current user
 Get currently authenticated user.
@@ -22,6 +22,10 @@ module Gitlab
       unauthorized! unless current_user
     end
+    def authenticated_as_admin!
+      forbidden! unless current_user.is_admin?
+    end
+
     def authorize! action, subject
       unless abilities.allowed?(current_user, action, subject)
         forbidden!
@@ -23,6 +23,30 @@ module Gitlab
         @user = User.find(params[:id])
         present @user, with: Entities::User
       end
+      
+      # Create user. Available only for admin
+      #
+      # Parameters:
+      #   email (required)                  - Email
+      #   name (required)                   - Name
+      #   password (required)               - Password
+      #   password_confirmation (required)  - Password confirmation
+      #   skype                             - Skype ID
+      #   linkedin (required)               - Linkedin
+      #   twitter                           - Twitter account
+      #   projects_limit                    - Limit projects wich user can create
+      # Example Request:
+      #   POST /users
+      post do
+        authenticated_as_admin!
+        attrs = attributes_for_keys [:email, :name, :password, :password_confirmation, :skype, :linkedin, :twitter, :projects_limit]
+        user = User.new attrs
+        if user.save
+          present user, with: Entities::User
+        else
+          not_found!
+        end
+      end
     end
     resource :user do
@@ -78,6 +102,8 @@ module Gitlab
         key = current_user.keys.find params[:id]
         key.delete
       end
+
+
     end
   end
 end
@@ -4,6 +4,7 @@ describe Gitlab::API do
   include ApiHelpers
   let(:user)  { Factory :user }
+  let(:admin) {Factory :admin}
   let(:key)   { Factory :key, user: user }
   describe "GET /users" do
@@ -32,6 +33,26 @@ describe Gitlab::API do
     end
   end
+  describe "POST /users" do
+    before{ admin }
+
+    it "should not create invalid user" do
+      post api("/users", admin), { email: "invalid email" }
+      response.status.should == 404
+    end
+
+    it "should create user" do
+      expect{
+        post api("/users", admin), Factory.attributes(:user)
+      }.to change{User.count}.by(1)
+    end
+
+    it "shouldn't available for non admin users" do
+      post api("/users", user), Factory.attributes(:user)
+      response.status.should == 403
+    end
+  end
+
   describe "GET /user" do
     it "should return current user" do
       get api("/user", user)
	@@ -65,6 +65,27 @@ Parameters:		@@ -65,6 +65,27 @@ Parameters:
65	}	65	}
66	```	66	```
67		67
		68	+## User creation
		69	+Create user. Available only for admin
		70	+
		71	+```
		72	+POST /users
		73	+```
		74	+
		75	+Parameters:
		76	++ `email` (required) - Email
		77	++ `name` (required) - Name
		78	++ `password` (required) - Password
		79	++ `password_confirmation` (required) - Password confirmation
		80	++ `skype` - Skype ID
		81	++ `linkedin` (required) - Linkedin
		82	++ `twitter` - Twitter account
		83	++ `projects_limit` - Limit projects wich user can create
		84	+
		85	+
		86	+Will return created user with status `201 Created` on success, or `404 Not
		87	+found` on fail.
		88	+
68	## Current user	89	## Current user
69		90
70	Get currently authenticated user.	91	Get currently authenticated user.
	@@ -23,6 +23,30 @@ module Gitlab		@@ -23,6 +23,30 @@ module Gitlab
23	@user = User.find(params[:id])	23	@user = User.find(params[:id])
24	present @user, with: Entities::User	24	present @user, with: Entities::User
25	end	25	end
		26	+
		27	+ # Create user. Available only for admin
		28	+ #
		29	+ # Parameters:
		30	+ # email (required) - Email
		31	+ # name (required) - Name
		32	+ # password (required) - Password
		33	+ # password_confirmation (required) - Password confirmation
		34	+ # skype - Skype ID
		35	+ # linkedin (required) - Linkedin
		36	+ # twitter - Twitter account
		37	+ # projects_limit - Limit projects wich user can create
		38	+ # Example Request:
		39	+ # POST /users
		40	+ post do
		41	+ authenticated_as_admin!
		42	+ attrs = attributes_for_keys [:email, :name, :password, :password_confirmation, :skype, :linkedin, :twitter, :projects_limit]
		43	+ user = User.new attrs
		44	+ if user.save
		45	+ present user, with: Entities::User
		46	+ else
		47	+ not_found!
		48	+ end
		49	+ end
26	end	50	end
27		51
28	resource :user do	52	resource :user do
	@@ -78,6 +102,8 @@ module Gitlab		@@ -78,6 +102,8 @@ module Gitlab
78	key = current_user.keys.find params[:id]	102	key = current_user.keys.find params[:id]
79	key.delete	103	key.delete
80	end	104	end
		105	+
		106	+
81	end	107	end
82	end	108	end
83	end	109	end
	@@ -4,6 +4,7 @@ describe Gitlab::API do		@@ -4,6 +4,7 @@ describe Gitlab::API do
4	include ApiHelpers	4	include ApiHelpers
5		5
6	let(:user) { Factory :user }	6	let(:user) { Factory :user }
		7	+ let(:admin) {Factory :admin}
7	let(:key) { Factory :key, user: user }	8	let(:key) { Factory :key, user: user }
8		9
9	describe "GET /users" do	10	describe "GET /users" do
	@@ -32,6 +33,26 @@ describe Gitlab::API do		@@ -32,6 +33,26 @@ describe Gitlab::API do
32	end	33	end
33	end	34	end
34		35
		36	+ describe "POST /users" do
		37	+ before{ admin }
		38	+
		39	+ it "should not create invalid user" do
		40	+ post api("/users", admin), { email: "invalid email" }
		41	+ response.status.should == 404
		42	+ end
		43	+
		44	+ it "should create user" do
		45	+ expect{
		46	+ post api("/users", admin), Factory.attributes(:user)
		47	+ }.to change{User.count}.by(1)
		48	+ end
		49	+
		50	+ it "shouldn't available for non admin users" do
		51	+ post api("/users", user), Factory.attributes(:user)
		52	+ response.status.should == 403
		53	+ end
		54	+ end
		55	+
35	describe "GET /user" do	56	describe "GET /user" do
36	it "should return current user" do	57	it "should return current user" do
37	get api("/user", user)	58	get api("/user", user)